Protecting Utilities' Critical Infrastructure

PROTECTING UTILITIES’ CRITICAL INFRASTRUCTURE: THE PSC’S ROLE

Terry M. Jarrett
Commissioner, MoPSC

DISCLAIMER

• The opinions expressed in this presentation are mine, and mine alone, and are not those of the Commission, any Commissioner (other than myself) or any member of the Staff of the Commission. Further, nothing in this presentation should be attributed to any case or matter before the Commission, to any member of the Staff of the Commission, other Commissioner or the Commission.

Overview

• Background
• Key security issues for regulators
• What regulators should do
• What utilities should do
• Final thoughts

About The PSC

• Created in 1913
• 5 Commissioners, six-year terms
• Regulate utility rates, service and safety for investor-owned electric, gas, telecommunications, sewer and water companies
• Regulate safety issues for rural electric cooperatives and municipally-owned utilities
• Serve as a proxy for competition

PSC Commissioners

• Jeff Davis, Chair
• Connie Murray
• Robert M. Clayton, III
• Terry Jarrett
• Kevin Gunn

What is Critical Infrastructure?

• Systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.

The Threat

• Pres. Bush, State of the Union, 2002:
    ◦ “[O]ur discoveries in Afghanistan confirmed our worst fears, and showed us the true scope of the task ahead. We found diagrams of American nuclear power plants and public water facilities. .”
• Ensuring adequate protection against terrorist threats is imperative for state and federal regulatory commissions

Familiar Incidents

• Natural disasters—e.g., weather-related
• Vandalism
• Bomb threats at plants or facilities
• Picture taking or videotaping of facilities
• Cyber/IT systems intrusions
• Theft—vehicles, uniforms and $$
• Manmade disasters—e.g., natural gas leak, train accident

Is there a threat to Critical Infrastructure?

• Terrorist organizations
• State-sponsored activity
• Recreational hackers
• Hacktivists
• Organized crime
• Trusted insiders
• Foreign and domestic competitors
• Lone criminals
• The unknown

Historical Reliability and Security

• Primary job—keep utility services going
• One of the most reliable systems in the world
• Designed to withstand certain incidents
• Public safety and system recovery is critical focus
• Security is an ongoing aspect of reliability

Utility Infrastructure—A Key Security Component

• Utility sector is a $300 BILLION component of the U.S. economy
• Provides a platform on which all other industrial sectors are dependent

Regulated Utility Sectors

• Electricity
• Natural Gas
• Water/sewer
• Telecommunications

Interdependencies Among Critical Infrastructures

State Commissions Have a Limited but Important Role in Homeland Security

• Lead role in determining:
    ◦ Who pays for increased infrastructure security
    ◦ Standards by which such security spending will be considered reasonable and appropriate

Key Homeland Security Issues Facing State Public Utility Commissions

• Protection of sensitive information
• Security measures
• Cost recovery

Protection of Sensitive Information

• Regulation of utilities is normally conducted in a transparent manner to provide the public with a clear understanding of the utilities’ conduct
• Trend is to allow more information to be shared with the public
• Sensitive security information does not fall under normal assumptions about the desirability of public transparency
• It would be self-defeating to publicize the specific security measures a utility has undertaken, since this would inform would-be attackers of the obstacles they would face
• Utilities might be reluctant to share security information with regulators without a method to protect the confidentiality of the security information
• Response to need for greater protection of security-sensitive information:
    ◦ State Statute—Sunshine law exception for “information that is voluntarily submitted by a nonpublic entity owning or operating an infrastructure to any public governmental body for use by that body to devise plans for protection of that infrastructure, the public disclosure of which would threaten public safety”
    ◦ PSC Regulation—Allows utilities to designate information as “Highly Confidential” and file it under seal

Security Measures

• How do we evaluate security measures?
    ◦ Regulators do not have well-established precedents by which to evaluate the appropriateness of utilities’ efforts to protect their critical infrastructure
    ◦ Normal procedure is to rely on witnesses in a proceeding to provide testimony about appropriateness
• All utility sectors operate under some level of security guidelines
    ◦ Electric—North American Electric Reliability Council (NERC)—intra-industry organization that has developed guidelines and best practices for both physical and cyber security
    ◦ Gas—Security practice guidelines developed by the Department of Transportation’s Office of Pipeline Safety (OPS)
    ◦ Telecom—Network Reliability & Interoperability Council (NRIC) is an intra-industry organization that has developed an extensive list of best practices for the telecommunication industry
    ◦ Water and Sewer—The Environmental Protection Agency (EPA) is the lead federal agency for the security of drinking water and waste water—conduct vulnerability assessments and revise emergency response plans accordingly
• Question for regulators—official standards or voluntary guidelines?

Cost Recovery

• Regulated companies are allowed to recover costs that are both prudent and “used and useful” (prudence review process)
• The commission is responsible for reviewing the costs and challenging those that were not prudently incurred and used and useful
• While commissions want to ensure that utilities do not underinvest in security, they must also guard against excessive or inappropriate spending
• Security expenses can be grouped into two categories
    ◦ Physical security of a utility’s personnel, production plants, and distribution facilities
    ◦ Protection of computer networks and digital control systems (such as SCADA) used in utility service, also known as “cyber security”
• An effective security plan could include
    ◦ Identification of critical infrastructure
    ◦ Vulnerability assessment
    ◦ Physical security
    ◦ Threat detection
    ◦ Event mitigation
    ◦ Existence of a chain of command for operation decisions in the event of an emergency
    ◦ Communications plan for vital public information
    ◦ Continuity of operations provisions
    ◦ Damage assessment procedures
    ◦ Response and recovery procedures
    ◦ Plans for interaction with state and federal emergency response officials

What Should Regulators Do?

• Some suggestions
    ◦ Examine existing guidelines and standards from NERC, OPS, NRIC and EPA to determine which ones to use in their proceedings
    ◦ Think of critical infrastructure investments as ones which increase shareholder value because they add to reliability
    ◦ Encourage informal dialogue with utilities to explore ways to improve critical infrastructure security
    ◦ Monitor—keep up-to-date

What Should Utilities Do?

• Some suggestions
    ◦ Comply with security regulations and utilize applicable industry security best practices
    ◦ Perform vulnerability and risk assessments
    ◦ Undertake mitigation reviews
    ◦ Increase senior management awareness
    ◦ Review insurance coverage and contracts
    ◦ Develop short and long-term security plans
    ◦ Periodically re-evaluate plans and procedures and make changes when necessary
    ◦ Work with customers and other utilities
    ◦ Establish and maintain strong relationships with law enforcement and state emergency management staff
    ◦ Evaluate interdependencies

Final Thoughts

• The state regulatory commission’s role is a limited one in the larger scope of homeland security, but it is one in which state commissions have a unique authority: determining how to pay and who should pay for security costs
• States are able to rely on existing regulatory procedures for exercising this authority, and can adapt these procedures to ensure the reliability and safety of the nation’s critical utility infrastructure.

Questions?

Terry M. Jarrett
Missouri Public Service Commission
573-751-3234
www.psc.mo.gov